コード例 #1
ファイル: report.php プロジェクト: cedwards-reisys/nexus-web
 /**
  * Adds a new node after enforcing the configured message length limits.
  *
  * The length is measured on the output of $this->library->parseAndStrip(), using
  * 'pagetext' when it is non-empty and 'rawtext' otherwise.
  *
  * @param  mixed            $data    Array of field => value pairs which define the record.
  * @param  array            $options Array of options for the content being created.
  *                          Understands skipTransaction, skipFloodCheck, floodchecktime, skipDupCheck, skipNotification, nl2br, autoparselinks.
  *                          - nl2br: if TRUE, all \n will be converted to <br /> so that it's not removed by the html parser (e.g. comments).
  *                          - wysiwyg: if true convert html to bbcode.  Defaults to true if not given.
  *
  * @throws vB_Exception_Api 'invalid_data' when neither pagetext nor rawtext is given;
  *                          'please_enter_message_x_chars' or 'maxchars_exceeded_x_y' when the
  *                          stripped text is outside the configured limits.
  *
  * @return integer          the new nodeid
  */
 public function add($data, $options = array())
 {
     $limits = vB::getDatastore()->getValue('options');

     // pagetext takes precedence over rawtext; one of the two has to be present
     if (!empty($data['pagetext'])) {
         $body = $data['pagetext'];
     } elseif (!empty($data['rawtext'])) {
         $body = $data['rawtext'];
     } else {
         throw new vB_Exception_Api('invalid_data');
     }

     // limits apply to the text that is left after parsing and stripping
     $charCount = vB_String::vbStrlen($this->library->parseAndStrip($body), true);
     if ($charCount < $limits['postminchars']) {
         throw new vB_Exception_Api('please_enter_message_x_chars', $limits['postminchars']);
     }
     // a maximum of 0 means "no upper limit"
     if ($limits['postmaxchars'] != 0 && $charCount > $limits['postmaxchars']) {
         throw new vB_Exception_Api('maxchars_exceeded_x_y', array($limits['postmaxchars'], $charCount));
     }

     // NOTE(review): no permission check is visible in this method -- confirm that
     // cleanInput() or the library's add() decides whether the caller may create the node.
     $this->cleanInput($data);
     $this->cleanOptions($options);

     $useWysiwyg = isset($options['wysiwyg']) ? (bool) $options['wysiwyg'] : true;
     $created = $this->library->add($data, $options, $useWysiwyg);

     return $created['nodeid'];
 }
コード例 #2
 /**
  * Verifies that the provided username is valid, and attempts to correct it if it is not valid
  *
  * The name is normalised in place first (whitespace collapsed, blank ASCII and NUL
  * bytes removed, cleanUserName() applied). The checks then run in this order:
  * minimum length, maximum length, stray semicolons, censored words, a lookup for an
  * existing account, and the configured list of illegal names. The first failing
  * check records an error through $this->error() and ends the validation.
  *
  * On success $username is replaced by its HTML-escaped form; on failure it is left
  * normalised but not escaped.
  *
  * @param	string	Username (by reference, rewritten as described above)
  *
  * @return	boolean	Returns true if the username is valid, or has been corrected to be valid
  */
 function verify_username(&$username)
 {
     // this is duplicated from the user manager
     // collapse whitespace runs and remove invisible ascii characters
     $username = trim(preg_replace('#[ \\r\\n\\t]+#si', ' ', strip_blank_ascii($username, ' ')));
     // keep the form before cleanUserName() so the lookup below can test both spellings
     $rawName = $username;
     $username = trim(str_replace(chr(0), '', vB_String::cleanUserName($username)));
     $nameLength = vB_String::vbStrlen($username);

     if ($nameLength < $this->registry->options['minuserlength']) {
         // name too short
         $this->error('usernametooshort', $this->registry->options['minuserlength']);
         return false;
     }

     if ($nameLength > $this->registry->options['maxuserlength']) {
         // name too long
         $this->error('usernametoolong', $this->registry->options['maxuserlength']);
         return false;
     }

     // a semicolon is accepted only as the end of a 3 to 5 digit numeric entity (&#NNN;)
     if (preg_match('/(?<!&#[0-9]{3}|&#[0-9]{4}|&#[0-9]{5});/', $username)) {
         $this->error('username_contains_semi_colons');
         return false;
     }

     if ($username != fetch_censored_text($username)) {
         // name contains censored words
         $this->error('censorfield');
         return false;
     }

     $lookup = array(
         'userid' => intval($this->existing['userid']),
         'username' => vB_String::htmlSpecialCharsUni($username),
         'username_raw' => vB_String::htmlSpecialCharsUni($rawName),
     );
     $matches = $this->assertor->assertQuery('verifyUsername', $lookup);
     if ($matches->valid() && $matches->current()) {
         // name is already in use
         $this->error('usernametaken', vB_String::htmlSpecialCharsUni($username), vB::getCurrentSession()->get('sessionurl'));
         return false;
     }

     if (!empty($this->registry->options['illegalusernames'])) {
         // reject any name that contains one of the configured fragments
         // NOTE(review): strtolower() folds ASCII only, so case variants of non-ASCII
         // fragments are not matched here -- confirm whether that matters for this list.
         $banned = preg_split('/[ \\r\\n\\t]+/', $this->registry->options['illegalusernames'], -1, PREG_SPLIT_NO_EMPTY);
         $lowered = strtolower($username);
         foreach ($banned as $fragment) {
             if (strpos($lowered, strtolower($fragment)) !== false) {
                 // reported with the same message as a name that is already taken
                 $this->error('usernametaken', vB_String::htmlSpecialCharsUni($username), vB::getCurrentSession()->get('sessionurl'));
                 return false;
             }
         }
     }

     // every check passed: hand back the escaped name
     $username = vB_String::htmlSpecialCharsUni($username);
     return true;
 }
コード例 #3
ファイル: user.php プロジェクト: cedwards-reisys/nexus-web
 /**
  * Updates the user status
  *
  * A member may change only their own status; changing another member's status
  * requires the 'canadminusers' admin permission. When $userid is not a positive
  * number the current user is used.
  *
  * NOTE(review): the optional $userid precedes the required $status, which PHP 8
  * reports as deprecated; the signature is kept as it is for existing callers.
  *
  * @param int		UserID
  * @param String	Status to set
  *
  * @throws vB_Exception_Api 'please_enter_user_status_with_at_most_x_characters',
  *                          'invalid_userid' or 'no_permission'
  *
  * @return	String	Updated status from user, or false when save() returned an array.
  */
 public function updateStatus($userid = false, $status)
 {
     $viewerId = vB::getUserContext()->fetchUserId();
     $userid = intval($userid);
     $limits = vB::getDatastore()->getValue('options');

     if (vB_String::vbStrlen($status) > $limits['statusMaxChars']) {
         throw new vB_Exception_Api('please_enter_user_status_with_at_most_x_characters', array($limits['statusMaxChars']));
     }

     // no usable target id: fall back to the logged-in user
     if ($userid <= 0 && $viewerId) {
         $userid = $viewerId;
     }

     // both a target and a logged-in viewer are required
     if (!$userid || !$viewerId) {
         throw new vB_Exception_Api('invalid_userid');
     }

     // Any exception from the permission check is treated as "not an administrator".
     $isUserAdmin = true;
     try {
         $this->checkHasAdminPermission('canadminusers');
     } catch (Exception $e) {
         $isUserAdmin = false;
     }
     // non-administrators may only touch their own record
     if (!$isUserAdmin && $viewerId != $userid) {
         throw new vB_Exception_Api('no_permission');
     }

     $manager = new vB_Datamanager_User();
     $manager->set_existing(vB_User::fetchUserInfo($userid));
     $manager->set('status', $status);
     $saved = $manager->save();

     if (is_array($saved)) {
         return false;
     }

     // NOTE(review): this re-reads user 0 (presumably "the current user") instead of
     // $userid, so an administrator editing another member may get their own status
     // back -- confirm against vB_User::fetchUserInfo().
     $refreshed = vB_User::fetchUserInfo(0, array(), 0, true);
     return $refreshed['status'];
 }
コード例 #4
ファイル: bbcode.php プロジェクト: cedwards-reisys/nexus-web
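 /**
  * Handles a [url] tag. Creates a link to another web page.
  *
  * The link target is the tag option when one is given, otherwise the tag content.
  * A target that has no scheme, or whose scheme ends in about, javascript, vbscript
  * or data, is prefixed with "http://" so that it is always emitted as a web link.
  *
  * When self::$urlNoFollow is on, rel="nofollow" is added unless the host of the
  * target is the board's own host, a host from self::$urlNoFollowWhiteList, or a
  * subdomain of one of these. The comparison is made on the host name only, so a
  * trusted name that merely appears in the path, query, fragment or userinfo of a
  * link does not remove the attribute.
  *
  * NOTE(review): only ` " ' and [ are escaped here before the values are placed in
  * the markup; this presumably relies on the parser having HTML-escaped the tag
  * text and option earlier -- confirm against the caller.
  *
  * @param	string	If tag has option, the displayable name. Else, the URL.
  * @param	string	If tag has option, the URL.
  *
  * @return	string	HTML representation of the tag.
  */
 function handle_bbcode_url($text, $link)
 {
     $rightlink = trim($link);
     if (empty($rightlink)) {
         // no option -- use param
         $rightlink = trim($text);
     }
     // keep the value from closing the href attribute or opening another tag
     $rightlink = str_replace(array('`', '"', "'", '['), array('&#96;', '&quot;', '&#39;', '&#91;'), $this->stripSmilies($rightlink));
     // remove double spaces -- fixes issues with wordwrap
     $rightlink = str_replace('  ', '', $rightlink);
     // anything without an accepted scheme becomes a plain http link
     if (!preg_match('#^[a-z0-9]+(?<!about|javascript|vbscript|data):#si', $rightlink)) {
         $rightlink = "http://{$rightlink}";
     }
     if (!trim($link) or str_replace('  ', '', $text) == $rightlink) {
         // the visible text is the URL itself: shorten long ones for display
         $tmp = vB_String::unHtmlSpecialChars($rightlink);
         if (vB_String::vbStrlen($tmp) > 55 and $this->isWysiwyg() == false) {
             $text = vB_String::htmlSpecialCharsUni(vB_String::vbChop($tmp, 36) . '...' . substr($tmp, -14));
         } else {
             // under the 55 chars length, don't wordwrap this
             $text = str_replace('  ', '', $text);
         }
     }
     // computed once per request and reused for every [url] tag
     static $current_url, $current_host, $allowed;
     if (!isset($current_url)) {
         $current_url = @vB_String::parseUrl(self::$bbUrl);
     }
     $is_external = self::$urlNoFollow;
     if (self::$urlNoFollow) {
         if (!isset($current_host)) {
             $current_host = preg_replace('#:(\\d)+$#', '', self::$vBHttpHost);
             $candidates = preg_split('#\\s+#', self::$urlNoFollowWhiteList, -1, PREG_SPLIT_NO_EMPTY);
             $candidates[] = preg_replace('#^www\\.#i', '', $current_host);
             $candidates[] = preg_replace('#^www\\.#i', '', isset($current_url['host']) ? $current_url['host'] : '');
             // Lower-case the list and drop empty entries: an empty entry (for example
             // when the board URL could not be parsed) would otherwise match every link.
             $allowed = array();
             foreach ($candidates as $candidate) {
                 $candidate = strtolower(trim($candidate));
                 if ($candidate !== '') {
                     $allowed[] = $candidate;
                 }
             }
         }
         // Reduce the target to its host: drop the scheme, everything from the first
         // path, query or fragment delimiter, then any userinfo and port.
         $target_host = preg_replace('#^([a-z0-9]+:(//)?)#i', '', $rightlink);
         $target_host = preg_replace('~[/?#\\\\].*$~s', '', $target_host);
         $at = strrpos($target_host, '@');
         if ($at !== false) {
             $target_host = substr($target_host, $at + 1);
         }
         $target_host = strtolower(preg_replace('#:\\d*$#', '', $target_host));
         // Entries are compared as host names: exact match or a subdomain of the entry.
         // An entry that holds a path or only part of a name no longer matches, which
         // leaves the link marked nofollow.
         foreach ($allowed as $host) {
             $suffix = '.' . $host;
             if ($target_host === $host or substr($target_host, -strlen($suffix)) === $suffix) {
                 $is_external = false;
                 break;
             }
         }
     }
     // standard URL hyperlink
     return "<a href=\"{$rightlink}\" target=\"_blank\"" . ($is_external ? ' rel="nofollow"' : '') . ">{$text}</a>";
 }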
コード例 #5
ファイル: user.php プロジェクト: cedwards-reisys/nexus-web
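 /**
  * Checks a string for words banned in custom user titles and replaces them with the censor character
  *
  * The banned words come from $this->options['ctCensorWords'], separated by
  * whitespace. A word written as {word} is censored only where it is not directly
  * preceded or followed by an ASCII letter; any other word is censored wherever it
  * occurs. Matching is case-insensitive.
  *
  * Each match is replaced by $this->options['censorchar'] repeated once per character
  * of the configured word. The count is taken from the word as configured, not from
  * its regex-escaped form, so words that contain regex metacharacters are no longer
  * masked with extra characters.
  *
  * @param	string	Custom user title
  *
  * @return	string	The censored string
  */
 function censor_custom_title($usertitle)
 {
     // cached list of array(regex-safe word, whole-word flag, mask length)
     static $ctcensorwords;
     if (empty($ctcensorwords)) {
         $ctcensorwords = array();
         $rawwords = preg_split('#[ \\r\\n\\t]+#', $this->options['ctCensorWords'], -1, PREG_SPLIT_NO_EMPTY);
         foreach ($rawwords as $rawword) {
             $wholeword = (substr($rawword, 0, 1) == '{');
             if ($wholeword) {
                 // {word}: drop the surrounding braces
                 $rawword = substr($rawword, 1, -1);
             }
             if ($rawword === '' or $rawword === false) {
                 // nothing left to match
                 continue;
             }
             // quote after splitting so the configured text is always matched literally
             $ctcensorwords[] = array(preg_quote($rawword, '#'), $wholeword, vB_String::vbStrlen($rawword));
         }
     }
     foreach ($ctcensorwords as $entry) {
         $mask = str_repeat($this->options['censorchar'], $entry[2]);
         if ($entry[1]) {
             $usertitle = preg_replace('#(?<=[^A-Za-z]|^)' . $entry[0] . '(?=[^A-Za-z]|$)#si', $mask, $usertitle);
         } else {
             $usertitle = preg_replace("#{$entry[0]}#si", $mask, $usertitle);
         }
     }
     return $usertitle;
 }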
コード例 #6
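 /**
  * This is copied from the blog bbcode parser. We either have a specific
  * amount of text, or [PRBREAK][/PRBREAK].
  *
  * Builds a shortened preview: the text is tokenised, tokens are copied until the
  * snippet length is reached or a PRBREAK marker is found, tags left open by the cut
  * are closed, and the shortened token list is rendered with parse_array().
  * $this->createdsnippet records whether anything was cut.
  *
  * When $do_html is false the text is HTML-escaped before it is parsed. When it is
  * true the markup goes to the parser as submitted.
  * NOTE(review): presumably callers enable $do_html only for authors who are allowed
  * to post HTML -- confirm at the call sites.
  *
  * NOTE(review): lengths are counted with vB_String::vbStrlen() but the cut is made
  * with substr(), which works on bytes; with multibyte text the cut position may not
  * line up with the counted characters -- confirm.
  *
  * @param	string	$pagetext       text to parse
  * @param	integer	$initial_length Length of the text before parsing (optional)
  * @param	boolean	$do_html        Flag to indicate whether do html or not
  * @param	boolean	$do_nl2br       Flag to indicate whether to convert new lines to <br /> or not
  * @param	string	$htmlstate      Defines how to handle html while parsing ('on', 'off' or 'on_nl2br').
  * @param	array	$options        Extra options for parsing.
  * 					'do_smilies' => boolean used to handle the smilies display
  * 					'allowPRBREAK' => when set and the text holds a PRBREAK marker, the length limit is lifted
  *
  * @return	mixed	The result of parse_array() for the tokens, chopped to the right length.
  */
 public function getPreview($pagetext, $initial_length = 0, $do_html = false, $do_nl2br = true, $htmlstate = null, $options = array())
 {
     // an explicit html state overrides the two flags
     if ($htmlstate) {
         switch ($htmlstate) {
             case 'on':
                 $do_nl2br = false;
                 break;
             case 'off':
                 $do_html = false;
                 break;
             case 'on_nl2br':
                 $do_nl2br = true;
                 break;
         }
     }
     $do_smilies = isset($options['do_smilies']) ? (bool) $options['do_smilies'] : true;
     $this->options = array('do_html' => $do_html, 'do_smilies' => $do_smilies, 'do_bbcode' => true, 'do_imgcode' => false, 'do_nl2br' => $do_nl2br, 'cachable' => true);
     if (!$do_html) {
         // html is not allowed: escape it before anything is parsed
         $pagetext = vB_String::htmlSpecialCharsUni($pagetext);
     }
     $html_count = 0;
     $pagetext = $this->parse_whitespace_newlines(trim(strip_quotes($pagetext)), $do_nl2br);
     $tokens = $this->fix_tags($this->build_parse_array($pagetext));
     if ($do_html) {
         // Count the number of html tag chars so they do not use up the preview length
         $html_count = strlen($pagetext) - strlen(strip_tags($pagetext));
     }
     $counter = 0;
     $stack = array();
     $new = array();
     $over_threshold = false;
     // NOTE(review): strpos() is tested for truthiness, so a marker at offset 0 counts
     // as "not found" here -- confirm whether that is intended.
     if (!empty($options['allowPRBREAK']) and strpos($pagetext, '[PRBREAK][/PRBREAK]')) {
         $this->snippet_length = strlen($pagetext);
     } elseif (intval($initial_length)) {
         $this->snippet_length = $initial_length + $html_count;
     } else {
         if (empty($this->default_previewlen)) {
             $this->default_previewlen = vB::getDatastore()->getOption('previewLength');
             if (empty($this->default_previewlen)) {
                 $this->default_previewlen = 200;
             }
         }
         $this->snippet_length = $this->default_previewlen + $html_count;
     }
     $noparse = false;
     $video = false;
     $in_page = false;
     foreach ($tokens as $tokenid => $token) {
         if (!empty($token['name']) and $token['name'] == 'noparse' and $do_html) {
             //can't parse this. We don't know what's inside.
             $new[] = $token;
             $noparse = !$noparse;
         } elseif (!empty($token['name']) and $token['name'] == 'video') {
             // video tags and their content are left out of the preview
             $video = !$token['closing'];
             continue;
         } elseif (!empty($token['name']) and $token['name'] == 'page') {
             // page tags and their content are left out of the preview
             $in_page = !$token['closing'];
             continue;
         } elseif ($video or $in_page) {
             continue;
         } elseif ($token['type'] == 'text') {
             if ($over_threshold) {
                 continue;
             }
             if (!$noparse) {
                 //If this has [ATTACH] or [IMG] or VIDEO then we nuke it.
                 $chunk = preg_replace('#\\[ATTACH.*?\\[/ATTACH\\]#si', '', $token['data']);
                 $chunk = preg_replace('#\\[IMG.*?\\[/IMG\\]#si', '', $chunk);
                 $chunk = preg_replace('#\\[video.*?\\[/video\\]#si', '', $chunk);
                 if ($chunk == '') {
                     continue;
                 }
                 // a marker inside the text ends the preview at that point
                 if ($breakpos = stripos($chunk, '[PRBREAK][/PRBREAK]')) {
                     $chunk = substr($chunk, 0, $breakpos);
                     $over_threshold = true;
                 }
                 $token['data'] = $chunk;
             }
             $length = vB_String::vbStrlen($token['data']);
             // uninterruptable means that we will always show until this tag is closed
             $uninterruptable = (isset($stack[0]) and isset($this->uninterruptable["{$stack['0']}"]));
             if ($counter + $length < $this->snippet_length or $uninterruptable or $noparse) {
                 // this entry doesn't push us over the threshold
                 $new[] = $token;
                 $counter += $length;
             } else {
                 // a text entry that pushes us over the threshold
                 $over_threshold = true;
                 $last_char_pos = $this->snippet_length - $counter - 1;
                 // this is the threshold char; -1 means look for a space at it
                 if ($last_char_pos < 0) {
                     $last_char_pos = 0;
                 }
                 // cut at the next whitespace after the threshold, or at the threshold
                 // itself when there is none
                 if (preg_match('#\\s#s', $token['data'], $match, PREG_OFFSET_CAPTURE, $last_char_pos)) {
                     $cut = $match[0][1];
                 } else {
                     $cut = $last_char_pos;
                 }
                 if ($do_html) {
                     $token['data'] = strip_tags($token['data']);
                 }
                 $token['data'] = substr($token['data'], 0, $cut);
                 if (substr($token['data'], -3) == '<br') {
                     // we cut off a <br /> code, so just take this out
                     $token['data'] = substr($token['data'], 0, -3);
                 }
                 $new[] = $token;
                 break;
             }
         } else {
             // not a text entry
             if ($token['type'] == 'tag') {
                 //If we have a prbreak we are done.
                 if ($token['name'] == 'prbreak' and isset($tokens[intval($tokenid) + 1]) and $tokens[intval($tokenid) + 1]['name'] == 'prbreak' and $tokens[intval($tokenid) + 1]['closing']) {
                     // was "==" (a comparison with no effect); the flag has to be set
                     // so that createdsnippet reports the cut
                     $over_threshold = true;
                     break;
                 }
                 // build a stack of open tags
                 if ($token['closing'] == true) {
                     // by now, we know the stack is sane, so just remove the first entry
                     array_shift($stack);
                 } else {
                     array_unshift($stack, $token['name']);
                 }
             }
             $new[] = $token;
         }
     }
     // since we may have cut the text, close any tags that we left open
     foreach ($stack as $tag_name) {
         $new[] = array('type' => 'tag', 'name' => $tag_name, 'closing' => true);
     }
     // we did something, so we made a snippet
     $this->createdsnippet = (sizeof($new) != sizeof($tokens) or $over_threshold);
     $result = $this->parse_array($new, $do_smilies, true, $do_html);
     return $result;
 }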
コード例 #7
ファイル: poll.php プロジェクト: cedwards-reisys/nexus-web
 /**
  * Validates the option list of a poll against the configured limits.
  *
  * Nothing is returned and $data is not changed; a failed check raises an exception.
  * Options without a title are skipped by the title length check, but they are still
  * counted against 'maxpolloptions'.
  *
  * @param  array $data Poll data; the 'options' key holds a list of arrays with a 'title'.
  *
  * @throws Exception 'no_options_specified', 'too_many_options' or 'option_title_toolong'
  */
 protected function checkPollOptions($data)
 {
     $limits = vB::getDatastore()->get_value('options');

     $hasOptionList = (!empty($data['options']) && is_array($data['options']));
     if (!$hasOptionList) {
         throw new Exception('no_options_specified');
     }

     // a limit of 0 (or less) means the number of options is not restricted
     if ($limits['maxpolloptions'] > 0 && count($data['options']) > $limits['maxpolloptions']) {
         throw new Exception('too_many_options');
     }

     foreach ($data['options'] as $pollOption) {
         if (!$pollOption['title']) {
             // untitled entry: nothing to measure
             continue;
         }
         if ($limits['maxpolllength'] && vB_String::vbStrlen($pollOption['title']) > $limits['maxpolllength']) {
             throw new Exception('option_title_toolong');
         }
     }
 }
コード例 #8
ファイル: search.php プロジェクト: cedwards-reisys/nexus-web
 /**
  * Decides whether a word should be added to the search index.
  *
  * A word from the good-word list is always accepted. Any other word is rejected when
  * its length is outside 'minsearchlength'..'maxsearchlength' or when it is on the
  * bad-word list.
  *
  * @param  string  $word    The word to test
  * @param  boolean $isLower Pass true when $word is already lower case
  *
  * @return mixed   1 when the word is indexed, 0 when its length is out of range,
  *                 false when it is a bad word
  */
 public static function is_index_word($word, $isLower = false)
 {
     $stopWords = self::get_all_bad_words();
     $allowedWords = self::get_good_words();

     if (!$isLower) {
         $word = vB_String::vBStrToLower($word);
     }

     // good words bypass the length and bad-word checks
     if (in_array($word, $allowedWords)) {
         return 1;
     }

     // is the word outside the min/max char lengths for indexing?
     $charCount = vB_String::vbStrlen($word);
     $limits = vB::getDatastore()->get_value('options');
     if ($charCount < $limits['minsearchlength'] || $charCount > $limits['maxsearchlength']) {
         return 0;
     }

     return in_array($word, $stopWords) ? false : 1;
 }
コード例 #9
ファイル: core.php プロジェクト: cedwards-reisys/nexus-web
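 /**
  * breaks up the text into words
  *
  * HTML tags and bbcode are stripped, the text is lower-cased and split into words,
  * and every word rejected by vB_Api_Search::is_index_word() is dropped. Text that
  * contains non-ASCII characters is converted to UTF-8, has its numeric entities
  * decoded where mb_decode_numericentity() is available, and is split on punctuation
  * and whitespace instead of on "anything that is not a-z, 0-9 or _".
  *
  * @param string $text
  * @return array the remaining words; keys are the positions from the split, so the
  *               list can have gaps
  */
 protected static function break_words($text)
 {
     $text = strip_tags($text);
     $text = strip_bbcode($text, true, false, false, true);
     // multibyte
     $is_mb = preg_match('/[^\\x00-\\x7F]/', $text);
     if (!$is_mb) {
         // byte length and character length differ only for multibyte text
         $is_mb = strlen($text) != vB_String::vbStrlen($text);
     }
     if ($is_mb) {
         $text = vB_String::toUtf8($text, vB_String::getCharSet());
         // The pattern used to carry the /e modifier. It belongs to preg_replace() only
         // and is not accepted by PHP 7 and later, where it makes preg_match() fail with
         // a warning, so the entities were never decoded. Nothing was evaluated through
         // it here; it is removed so the test works again.
         if (preg_match('/&#([0-9]+);|[^\\x00-\\x7F]/siU', $text) and function_exists('mb_decode_numericentity')) {
             $text = mb_decode_numericentity($text, array(0x0, 0x2ffff, 0, 0xffff), 'UTF-8');
         }
         $pattern = '/[\\s,.!?@#$%^&*\\(\\)\\/<>"\';:\\[\\]\\{\\}\\+|-]/';
     } else {
         $pattern = '/[^a-z0-9_]+/i';
     }
     $words = preg_split($pattern, vB_String::vBStrToLower($text), -1, PREG_SPLIT_NO_EMPTY);
     foreach ($words as $index => $word) {
         // drop words the index does not accept, and values PHP treats as empty ("0")
         if (!vB_Api_Search::is_index_word($word, true) or empty($word)) {
             unset($words[$index]);
         }
     }
     return $words;
 }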
コード例 #10
ファイル: text.php プロジェクト: cedwards-reisys/nexus-web
 /**
  * Adds a new text node after validating its title, text length and permissions.
  *
  * Order of the checks: text present (when $this->textRequired), title length or
  * title required, text length against the post or comment limits, validate() for
  * create permission, attachment permissions, htmlstate for comments. The fields
  * userid, authorname, open and showopen are removed from $data before the node is
  * created, and approved/showapproved are removed unless $this->handleSpecialFields
  * is set, so these values cannot be supplied through $data.
  *
  * @param  mixed   $data    Array of field => value pairs which define the record.
  * @param  array   $options Array of options for the content being created.
  *                 Understands skipTransaction, skipFloodCheck, floodchecktime, skipDupCheck, skipNotification, nl2br, autoparselinks.
  *                 - nl2br: if TRUE, all \n will be converted to <br /> so that it's not removed by the html parser (e.g. comments).
  *                 - wysiwyg: if true convert html to bbcode.  Defaults to true if not given.
  *
  * @throws vB_Exception_Api text_required, maxchars_exceeded_x_title_y, title_required,
  *                          please_enter_message_x_chars, maxchars_exceeded_x_y, no_create_permissions
  *
  * @return integer the new nodeid, or false when a starter has no title or the library
  *                 did not return a numeric nodeid
  */
 public function add($data, $options = array())
 {
     if ($this->textRequired and empty($data['pagetext']) and empty($data['rawtext'])) {
         throw new vB_Exception_Api('text_required');
     }
     if (!$this->textRequired and empty($data['pagetext']) and empty($data['rawtext'])) {
         // the duplicate check is based on the post text, which is not required,
         // so we need to skip it if there is no text
         $options['skipDupCheck'] = true;
     }
     $vboptions = vB::getDatastore()->getValue('options');
     // NOTE(review): $data['parentid'] is read without an isset() check -- confirm that
     // callers always supply it.
     $parentNode = vB_Library::instance('node')->getNode($data['parentid']);
     if (!empty($data['title'])) {
         $strlen = vB_String::vbStrlen(trim($data['title']), true);
         if ($strlen > $vboptions['titlemaxchars']) {
             throw new vB_Exception_Api('maxchars_exceeded_x_title_y', array($vboptions['titlemaxchars'], $strlen));
         }
     } else {
         $channelcontentypeid = vB_Api::instanceInternal('contenttype')->fetchContentTypeIdFromClass('Channel');
         // title is required for topics. VMs look like topics so they need to be exempt
         if ($parentNode['contenttypeid'] == $channelcontentypeid and $data['parentid'] != vB_Api::instanceInternal('node')->fetchVMChannel()) {
             throw new vB_Exception_Api('title_required');
         }
     }
     // a node whose parent is the parent's own starter is treated as a comment
     $isComment = (isset($parentNode['parentid']) and isset($parentNode['starter']) and $parentNode['parentid'] == $parentNode['starter']);
     if ($isComment) {
         $minChars = $vboptions['commentminchars'];
         $maxChars = $vboptions['commentmaxchars'];
     } else {
         $minChars = $vboptions['postminchars'];
         $maxChars = $vboptions['postmaxchars'];
     }
     // limits apply to the text left after parsing and stripping; pagetext wins over rawtext
     $strlen = vB_String::vbStrlen($this->library->parseAndStrip(empty($data['pagetext']) ? $data['rawtext'] : $data['pagetext']), true);
     if ($this->textRequired and $strlen < $minChars) {
         throw new vB_Exception_Api('please_enter_message_x_chars', $minChars);
     }
     // a maximum of 0 means "no upper limit"
     if ($maxChars != 0 and $strlen > $maxChars) {
         throw new vB_Exception_Api('maxchars_exceeded_x_y', array($maxChars, $strlen));
     }
     // If node is a starter and has no title
     if (!empty($data['starter']) and $data['starter'] != $data['parentid'] and empty($data['title'])) {
         return false;
     }
     // the author is never taken from the submitted data
     if (isset($data['userid'])) {
         unset($data['userid']);
     }
     if (isset($data['authorname'])) {
         unset($data['authorname']);
     }
     // permission to create this node
     if (!$this->validate($data, vB_Api_Content::ACTION_ADD)) {
         throw new vB_Exception_Api('no_create_permissions');
     }
     /*
      *	Check attachment permissions & limits.
      *	When a text node is added, $data['attachments'] is set by the controller from the filedataids,
      *	see vB5_Frontend_Controller_CreateContent->addAttachments()
      *
      *	This check is called here, content_text, and not the parent, content, because attachments are added via a call to
      *	vB_Library_Content_Attach->add() from vB_Library_Content_Text->add(). So any other content type that should
      *	be able to add attachments must be a child of text.
      *
      *	It is placed after the validate() permission check so that "can the user add the node?" is answered
      *	before "can the user add attachments to the node?", in terms of the order of exceptions the user might see,
      *	and because this check does not modify $data in any way, so the result of validate() does not depend on it.
      */
     $this->checkAttachmentPermissions($data);
     // checks 'htmlstate' for comments and updates $data if needed
     $this->checkHtmlstateForComments($data);
     // We shouldn't pass the open or show open fields
     unset($data['open']);
     unset($data['showopen']);
     // We shouldn't pass the approved or showapproved fields
     if (!$this->handleSpecialFields) {
         unset($data['approved']);
         unset($data['showapproved']);
     }
     // work out whether the parent's node options put the new node into moderation
     $nodeOptions = vB_Api::instanceInternal('node')->getOptions();
     $moderateNode = false;
     if ($parentNode['starter'] == 0) {
         $moderateNode = $nodeOptions['moderate_topics'] & $parentNode['nodeoptions'] ? true : false;
     } else {
         if ($nodeOptions['moderate_topics'] & $parentNode['nodeoptions'] or $nodeOptions['moderate_comments'] & $parentNode['nodeoptions']) {
             $moderateNode = true;
         }
     }
     // unapproved when the parent is moderated or the user lacks 'followforummoderation'
     if (!vB::getUserContext()->getChannelPermission('forumpermissions', 'followforummoderation', $data['parentid']) or $moderateNode) {
         $data['approved'] = 0;
         $data['showapproved'] = 0;
     }
     if (!isset($data['htmlstate'])) {
         // default to off if the request didn't specify they want it on
         $data['htmlstate'] = 'off';
     }
     $this->cleanInput($data);
     $this->cleanOptions($options);
     $wysiwyg = true;
     if (isset($options['wysiwyg'])) {
         $wysiwyg = (bool) $options['wysiwyg'];
     }
     $result = $this->library->add($data, $options, $wysiwyg);
     if (is_numeric($result['nodeid'])) {
         return $result['nodeid'];
     }
     return false;
 }
コード例 #11
 /**
  * Adds a new private message
  *
  * Before the message is created this checks, in order: title length, that the sender
  * is logged in and may use the PM system, that the sender has PMs switched on, the
  * sender's PM quota, the number of recipients, the message length, create permission
  * through validate(), and read access to the message being answered ('respondto').
  * The sender is always taken from the current session, never from $data.
  *
  * @param  mixed $data    must include 'sentto', 'contenttypeid', and the necessary data for that contenttype.
  * @param  array $options Array of options for the content being created.
  *               Understands skipTransaction, skipFloodCheck, floodchecktime, skipDupCheck, skipNotification,
  *               nl2br, autoparselinks, skipNonExistentRecipients.
  *               - nl2br: if TRUE, all \n will be converted to <br /> so that it's not removed by the html parser (e.g. comments).
  *               - skipNonExistentRecipients (bool) skips recipients that don't exist instead of throwing an exception.
  *               - wysiwyg: if true convert html to bbcode.  Defaults to true if not given.
  *
  * @throws vB_Exception_Api when one of the checks listed above fails
  *
  * @return int   the new nodeid.
  */
 public function add($data, $options = array())
 {
     $limits = vB::getDatastore()->getValue('options');

     if (!empty($data['title'])) {
         $titleLength = vB_String::vbStrlen(trim($data['title']), true);
         if ($titleLength > $limits['titlemaxchars']) {
             throw new vB_Exception_Api('maxchars_exceeded_x_title_y', array($limits['titlemaxchars'], $titleLength));
         }
     }

     //If this is a response, we have a "respondto" = nodeid
     //If it's a forward, we set "forward" = nodeid
     $senderInfo = vB::getCurrentSession()->fetch_userinfo();
     $sender = intval($senderInfo['userid']);
     if (!$sender || !$this->canUsePmSystem()) {
         throw new vB_Exception_Api('not_logged_no_permission');
     }
     if (!$senderInfo['receivepm']) {
         throw new vB_Exception_Api('pm_turnedoff');
     }

     $quota = vB::getUserContext()->getLimit('pmquota');
     if ($senderInfo['pmtotal'] >= $quota) {
         throw new vB_Exception_Api('yourpmquotaexceeded', array($quota, $senderInfo['pmtotal']));
     }

     // the sender always comes from the session
     $data['sender'] = $sender;

     //check if the user from the usergroup can send the pm to the number of recipients
     $maxRecipients = vB::getUserContext()->getLimit('pmsendmax');
     // NOTE(review): count() expects 'sentto' to be an array, and every comma-separated
     // piece of 'msgRecipients' is counted, empty ones included -- confirm the input shape.
     if (!empty($data['msgRecipients'])) {
         $recipientCount = count(explode(',', $data['msgRecipients']));
     } elseif (!empty($data['sentto'])) {
         $recipientCount = count($data['sentto']);
     } else {
         $recipientCount = 0;
     }
     if ($maxRecipients > 0 && $recipientCount > $maxRecipients) {
         throw new vB_Exception_Api('pmtoomanyrecipients', array($recipientCount, $maxRecipients));
     }

     // pagetext takes precedence over rawtext; one of the two has to be present
     if (!empty($data['pagetext'])) {
         $body = $data['pagetext'];
     } elseif (!empty($data['rawtext'])) {
         $body = $data['rawtext'];
     } else {
         throw new vB_Exception_Api('invalid_data');
     }
     $bodyLength = vB_String::vbStrlen($this->library->parseAndStrip($body), true);
     if ($bodyLength < $limits['postminchars']) {
         throw new vB_Exception_Api('please_enter_message_x_chars', $limits['postminchars']);
     }
     // a maximum of 0 means "no upper limit"
     if ($limits['postmaxchars'] != 0 && $bodyLength > $limits['postmaxchars']) {
         throw new vB_Exception_Api('maxchars_exceeded_x_y', array($limits['postmaxchars'], $bodyLength));
     }

     if (empty($data['parentid'])) {
         $data['parentid'] = $this->pmChannel;
     }
     if (!$this->validate($data, vB_Api_Content::ACTION_ADD)) {
         throw new vB_Exception_Api('no_create_permissions');
     }
     if (isset($data['respondto'])) {
         //if we don't have access to see a node we can't respond to it.
         //this call will throw an exception if we don't have permission to load it.
         $this->nodeApi->getNode($data['respondto']);
     }

     $this->cleanInput($data);
     $this->cleanOptions($options);
     $useWysiwyg = isset($options['wysiwyg']) ? (bool) $options['wysiwyg'] : true;

     //If this is a response, we have a "respondto" = nodeid
     $created = $this->library->add($data, $options, $useWysiwyg);
     return $created['nodeid'];
 }
コード例 #12
ファイル: tags.php プロジェクト: cedwards-reisys/nexus-web
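 /**
  * Checks a single tag against the tag rules and records why it was rejected.
  *
  * A tag on the good-word list is accepted at once. Any other tag has to be within
  * 'tagminlen' and 'tagmaxlen' characters and at most 100 bytes, must not change when
  * run through the censor, must not contain a tag delimiter, and must not be on the
  * bad-word list (the shared bad words plus the 'tagbadwords' option).
  *
  * The word lists are built once per request. They are lower-cased with
  * vB_String::vBStrToLower(), and the bad-word lookup now folds the tag with the same
  * function (it used strtolower() before) so that both sides of the comparison are
  * lower-cased in the same way.
  *
  * @param  string $tagtext The tag to check
  * @param  array  $errors  By reference; receives an entry under 'min_length',
  *                        'max_length', 'censor', 'comma' or 'common' on failure
  *
  * @return boolean true when the tag is accepted
  */
 protected function isTagValid($tagtext, &$errors)
 {
     static $taggoodwords = null;
     static $tagbadwords = null;
     $options = vB::getDatastore()->get_value('options');
     // construct stop words and exception lists (if not previously constructed)
     if (is_null($taggoodwords) or is_null($tagbadwords)) {
         // filter the stop words by adding custom stop words (tagbadwords) and allowing through exceptions (taggoodwords)
         if (!is_array($tagbadwords)) {
             $tagbadwords = preg_split('/\\s+/s', vB_String::vBStrToLower($options['tagbadwords']), -1, PREG_SPLIT_NO_EMPTY);
         }
         if (!is_array($taggoodwords)) {
             $taggoodwords = preg_split('/\\s+/s', vB_String::vBStrToLower($options['taggoodwords']), -1, PREG_SPLIT_NO_EMPTY);
         }
         // merge hard-coded badwords and tag-specific badwords
         $tagbadwords = array_merge(vB_Badwords::getBadWords(), $tagbadwords);
     }
     if ($tagtext === '') {
         return false;
     }
     // one lower-case form is used for both word lists
     $lowertag = vB_String::vBStrToLower($tagtext);
     if (in_array($lowertag, $taggoodwords)) {
         // good words skip every other check
         return true;
     }
     $charStrlen = vB_String::vbStrlen($tagtext, true);
     if ($options['tagminlen'] and $charStrlen < $options['tagminlen']) {
         $errors['min_length'] = array('tag_too_short_min_x', $options['tagminlen']);
         return false;
     }
     if ($charStrlen > $options['tagmaxlen']) {
         $errors['max_length'] = array('tag_too_long_max_x', $options['tagmaxlen']);
         return false;
     }
     if (strlen($tagtext) > 100) {
         // only have 100 bytes to store a tag
         $errors['max_length'] = array('tag_too_long_max_x', $options['tagmaxlen']);
         return false;
     }
     $censored = fetch_censored_text($tagtext);
     if ($censored != $tagtext) {
         // can't have tags with censored text
         $errors['censor'] = 'tag_no_censored';
         return false;
     }
     if (count($this->splitTagList($tagtext)) > 1) {
         // contains a delimiter character
         $errors['comma'] = 'tag_no_comma';
         return false;
     }
     if (in_array($lowertag, $tagbadwords)) {
         // collect every rejected common word in one message
         if (isset($errors['common'])) {
             $tagtext = trim($errors['common'][1]) . ', ' . $tagtext;
         }
         $errors['common'] = array('tag_x_not_be_common_words', ' ' . $tagtext . ' ');
         return false;
     }
     return true;
 }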